The U.S. Intelligence community now assumes hostile hackers, like Chinese intelligence agency officials, will eventually gain access to U.S. systems. It's now focused on blocking their beachhead, preventing it from gaining important information (Source: AP)

Keeping enemies out is no longer good enough to protect our nation's networks

At a cyber security forum sponsored by the Atlantic and Government Executive media organizations, visitors detected a decided shift in U.S. intelligence policy. Where the community had longed focused on keeping out unwanted intruders, the new assumption was that these efforts would eventually fail. And the new focus appears to be on minimizing the damage when they do fail.

There's no such thing as 'secure' any more. The most sophisticated adversaries are going to go unnoticed on our networks. We have to build our systems on the assumption that adversaries will get in. We have to, again, assume that all the components of our system are not safe, and make sure we're adjusting accordingly.

Mike McConnell, a retired Navy vice admiral and former NSA chief from 1992 to 1996 concurred, stating, "[There is not a major computer system of consequence] that is not penetrated by some adversary that allows the adversary, the outsider, to bleed all the information at will."

Many might suspect the source of the policy shift is the recent leak by a disgruntled Army specialist, Bradley Manning, who spilled hundreds of thousands of classified documents to a foreign news site run by a self-proclaimed anarchist. While the damaging effects of that incident certainly played a role, it is far from the only reason for the shift.

The U.S. has been under increasing attack digitally from foreign intelligence agencies, including China and North Korea. Foreign spies have infiltrated defense contractors, and retrieved information from lost U.S. government hardware. Deputy Defense Secretary William Lynn, in the September/October issue of the journal Foreign Affairs, estimated that at least 100 foreign intelligence agencies are trying, night and day, to hack into U.S. government systems. He says that many of these agencies have the sophistication to succeed, at least some of the time, in their plots.

For the NSA, which is tasked both with intercepting foreign communications and protecting those of our nation, the shift in mentality is crucial. The agency indicates that it has transitioned from trying merely to stop intruders from entering systems to limiting and monitoring access when such intruders do get in.

If the recent forum was any indication, the U.S. intelligence agencies have conceded that hostile parties will likely establish beachheads on crucial systems in the coming decades of cyberwarfare. The key battle will be to prevent them from moving inland and capturing valuable documents or messages.

Comments

Threshold

Username

Password

remember me

This article is over a month old, voting and posting comments is disabled

I'm ok with this. I personally go through life as a parent assuming that everyone is a potential child molester. Sure there are the "blue dot" websites out there showing where the molesters are. But those are only the CONVICTED molesters. They all started somewhere and there are ones out there who haven't been caught.

I'm not a helicopter parent and I don't put foam bumpers all over my house, but I have been going through parenting with this outlook being aware of the risk and not believeing that I live in some protected bubble devoid of worry.

I think the gov't should also assume that they are not in a protective bubble. It seems like they have gotten into that belief based on their reaction to the Wikileaks leaks.

I take measures to protect my kids and we as a society collectively prepare for the worst by having a justice system in case such tragedy does occur. But being aware of the threat is the first step in setting up effective protection. And by threat, I mean the threat of miscreants getting through our best protective efforts . Not just the threat of violation in general.

That is just my thought on this security business. It should also be a policy to have as few secrets as possible. I think of "Operation Reciprocity" from Clear and Present Danger. The president had a secret and Ryan found out about it. If he hadn't bombed Escobedo's house in Columbia in the first place there would be no secret.Well he wouldn't have to worry about that getting out if it wasn't a secret.

Operational secrets are a necessity but what information is use to make decisions should not be kept secret. It sure would shut up those "Bush is a war criminal" people if it was declassified lol. Or maybe it wouldn't hmm...

I see it like football in a way. The coaches cover their mouths and use code to keep the plays that they call secret from the opposition but everyone knows how many people are on the field, what the teams are trying to do, when someone is injured, how much money they make, who is the coach, etc. I wish I could trust the President/gov't and/or media to be straightforward with that type of info. But I remain very weary.</rambling>

What I find surprising is that it is the NSA saying this is a new idea.

That agency should have been one of the first to realize that compartmentalized targets were a headache to attack, and those that allowed easy search and retrieval after initial access were a major security risk. They do this to the other side as their daily employment.

What took them so long to realize that the things that caused them problems would cause foreign attackers to have the same problems & things that made their life easy would make life easy for foreign attackers.

Compartmentalization has been part of the security protocol for centuries, why this sudden announcement that US national security just discovered this wonderful idea?